RT-AC85P & OpenVPN

[snips86x]

Has anyone managed to get full download/upload speed running the above router and OpenVPN? I've spent a few hours tinkering by changing Compression and values suggested in THIS forum but my mobile is only getting 1.2Mbps down and 1.2Mbps up.

Connected via 5g Wifi, I get 74/17, so something is really wrong with how OpenVPN passes traffic.

Has anyone managed to break this barrier?

 

[snips86x]

Ok, so it looks like the DDNS was the problem here. I tested using No-IP and was able to get 17/17 but it's not quick enough.

Free DDNS solutions?

 

[Avalon]

Do you understand that running a VPN at a router level for all outbound connections has limitations? Expect streaming services such as iPlayer, banking and visiting certain websites to be problematic and ordering products/services often gets flagged as fraud. That brings us to what you’re actually doing, running OpenVPN on a MIPS/ARM CPU without hardware encryption support is going to be slow, if you have a slow connection, it’ll be less of an issue, but if not, you’d crippling your connection.

So let’s start with the basics:

How fast is your connection?
How fast do you need your VPN to be?
What is the purpose of the VPN? (think about your answer relative to the forum rules).
Do you actually need this to happen at a router level?
Can this be achieved in a different (more efficient) way?

For example, running a VPN on an ARM router may yield 35Mbit, running the same VPN on the client may be near line speed (less overheads), you can also run a docker container if you have a suitable environment and use something like Privoxy to expose that to other clients without putting the overhead on the client.

 

[bledd]

Do you have a raspberry pi?

You can use this to put Wireguard on instead of openvpn..

https://www.pivpn.io/

Better throughput. Just need to forward a port to the pi.

 

[Avalon]

Do you have a raspberry pi?

You can use this to put Wireguard on instead of openvpn..

https://www.pivpn.io/

Better throughput. Just need to forward a port to the pi.

While that would work on a slow connection and Wireguard throughput is in a different league to OpenVPN, the biggest issue with most Pi’s (especially the older ones), is the shared bus limiting network IO. Ironically he would likely get better throughout by flashing OpenWRT and running Wireguarg that way.

 

[snips86x]

Do you understand that running a VPN at a router level for all outbound connections has limitations? Expect streaming services such as iPlayer, banking and visiting certain websites to be problematic and ordering products/services often gets flagged as fraud. That brings us to what you’re actually doing, running OpenVPN on a MIPS/ARM CPU without hardware encryption support is going to be slow, if you have a slow connection, it’ll be less of an issue, but if not, you’d crippling your connection.

I did not know that. Setting up my own VPN has been something I've only just started doing. It was more of a little project which I thought I was would try in congunction with building a file server over the coming weeks to replace my NAS.

How fast is your connection?

My fibre connection is 80/20

How fast do you need your VPN to be?

As fast as I can make it

What is the purpose of the VPN? (think about your answer relative to the forum rules).

The purpose is to allow myself and family remote access to my NAS for file sharing, nothing more, nothing less. Ive has the NAS for 5 years and been using it for films, photos and other downlaods (Games/ISOs).

I've recently purchased a Dell T1700 which I will hope to be my NAS replacement. I fancied a project and out of boredom decided to test setting up the VPN. The process was fairly simply and I had minimal issues.

What I did discover was that the default DDNS I get to use by ASUS is probably being used by a lot of other people so it's throttling the speeds and slow. At best, I was getting 1.2MB/s up and down. When I switched to the No-IP trial DDNS, I was getting 17MB/s.

So you can see why I asked my original question on the best alternatives for DDNS. The connection does work but it's being limited.

Do you actually need this to happen at a router level?

Ideally, yes. I'm not in a position to do it any other way just yet.

Do you have a raspberry pi?

You can use this to put Wireguard on instead of openvpn..

https://www.pivpn.io/

Better throughput. Just need to forward a port to the pi.

I do not have one but that could be interesting. However, it won't be anytime soon.

 

[bledd]

I use mine alongside pinole (ad blocking DNS).

So if I'm out and about, I can VPN to home and have adblocking on the go. Means quicker safer browsing and less data used up on my phone.
It's one radio button on my phone.

Can also then use the Pi to "wake on LAN" any sleeping machines at home.

 

[snips86x]

I've got 50gb mobile data but I can see the appeal to your solution.

I'd just like to find a way to improve my incoming connection via VPN, the ASUS DDNs is trash.

 

[Avalon]

I did not know that. Setting up my own VPN has been something I've only just started doing. It was more of a little project which I thought I was would try in congunction with building a file server over the coming weeks to replace my NAS.


My fibre connection is 80/20


As fast as I can make it


The purpose is to allow myself and family remote access to my NAS for file sharing, nothing more, nothing less. Ive has the NAS for 5 years and been using it for films, photos and other downlaods (Games/ISOs).

I've recently purchased a Dell T1700 which I will hope to be my NAS replacement. I fancied a project and out of boredom decided to test setting up the VPN. The process was fairly simply and I had minimal issues.

What I did discover was that the default DDNS I get to use by ASUS is probably being used by a lot of other people so it's throttling the speeds and slow. At best, I was getting 1.2MB/s up and down. When I switched to the No-IP trial DDNS, I was getting 17MB/s.

So you can see why I asked my original question on the best alternatives for DDNS. The connection does work but it's being limited.


Ideally, yes. I'm not in a position to do it any other way just yet.



I do not have one but that could be interesting. However, it won't be anytime soon.

DNS literally resolves an easy to remember name to an IP address, it has no bearing on what you’re describing as speed. For your intended purpose (remote user connecting via VPN to NAS) ignore the streaming/banking/shopping point as you aren’t routing your normal traffic via VPN. As you’re on 80/20 FTTC, you are limited to your sync speed, less overheads, if you are getting 17mbit, it doesn’t matter what you do, it’s not going to get massively quicker.

 

[snips86x]

DNS literally resolves an easy to remember name to an IP address, it has no bearing on what you’re describing as speed. For your intended purpose (remote user connecting via VPN to NAS) ignore the streaming/banking/shopping point as you aren’t routing your normal traffic via VPN. As you’re on 80/20 FTTC, you are limited to your sync speed, less overheads, if you are getting 17mbit, it doesn’t matter what you do, it’s not going to get massively quicker.

So without changing any further VPN settings, just the DDNS, why did my speed go from 1.2MB/s to 17MB/s? There is clearly a link between the DDNS that is being used, location, speed throttling. All I did was run SpeedTest on my phone to compare the 2 and it's significant.

 

[Avalon]

Think of DNS as asking someone for directions. Normal people ask for directions, get them and follow them to the destination, the person you asked has nothing to do with the roads being busy or you taking the scenic route. You seem to think you ask for directions and if someone gives you them, they have to carry you to/from where you want to go and you can blame them for how long it takes. Now it’s been a while since I visited the Swindon area, but that’s not something I can say I noticed happening, it’s also not how a DNS server works. It’s reasonably close to how a VPN end point can work, or to some extent a proxy service, but not DNS.

As to why you got a specific result once and a different result another time, you have way too many unknown variables for anything other than wild speculation.